On Tue, Dec 17, 2019 at 06:58:20PM +0800, Qu Wenruo wrote: > Inspired by btrfs-progs github issue #208, where chunk item in chunk > tree has invalid num_stripes (0). > > Although that can already be catched by current btrfs_check_chunk_valid(), > that function doesn't really check item size as it needs to handle chunk > item in super block sys_chunk_array(). > > This patch will just add two extra checks for chunk items in chunk tree: > - Basic chunk item size > If the item is smaller than btrfs_chunk (which already contains one > stripe), exit right now as reading num_stripes may even go beyond > eb boundary. > > - Item size check against num_stripes > If item size doesn't match with calculated chunk size, then either the > item size or the num_stripes is corrupted. Error out anyway. > > Signed-off-by: Qu Wenruo <wqu@xxxxxxxx> Added to misc-next, thanks.
